--WAF config file,enable = "on",disable = "off"

--waf status # waf 开关
config_waf_enable = "on"
--log dir
config_log_dir = "/usr/local/nginx/logs"
--rule setting
config_rule_dir = "/usr/local/nginx/conf/waf/rule-config"
--set ip addr from: X_Forwarded_For X_real_ip[header] or ngx.var.remote_addr 
config_set_ip_addr = "X_Forwarded_For"

--enable/disable white url #是否开启url检测
config_white_url_check = "on"
--enable/disable white ip  #是否开启IP白名单检测
config_white_ip_check = "on"
--enable/disable block ip   #是否开启ip黑名单检测
config_black_ip_check = "on"
--black ip in cache time of xxx secondsa # 命中一次cc攻击后,拉入black_ip_in_cache,缓存600s
config_black_ip_cache = "600"
--enable/disable url filtering #是否开启url过滤
config_url_check = "on"
--enalbe/disable url args filtering #是否开启参数检测
config_url_args_check = "on"
--enable/disable user agent filtering #是否开启ua检测
config_user_agent_check = "on"
--enable/disable cookie deny filtering #是否开启cookie检测
config_cookie_check = "on"
--enable/disable cc filtering #启用cc防御
config_cc_check = "on"
--cc rate the xxx of xxx secondsa #允许单个ip60秒内只能访问10次
config_cc_rate = "10/60"
--enable/disable post filtering  #是否开启post检测
config_post_check = "on"
--config waf output redirect/html # 选择跳转url或者html
config_waf_output = "html"
--if config_waf_output ,setting url
config_waf_redirect_url = "http://www.baidu.com"
config_output_html=[[
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Language" content="zh-cn" />
<title>网站waf防火墙</title>
</head>
<body>

<h1 align="center"> 网站waf防火墙 </h1>
<br/>
<h4 align="center">由于你访问的URL可能对网站造成安全威胁，访问被阻断</h4>
<br/><br/><br/><br/><br/>
<img src="https://oscimg.oschina.net/oscnet/c91b537ae2dcdabca9bab58fc3807f74259.jpg">
<hr/>

</body>
</html>
]]
